Azure Security Center Management Client Library

7.0.0 · active · verified Thu Apr 09

The Azure Security Center Management Client Library for Python provides the necessary tools to interact with Microsoft Defender for Cloud (formerly Azure Security Center). It allows for programmatically managing security policies, alerts, and other security-related resources within Azure. The current stable version is 7.0.0. Azure SDKs typically follow a regular release cadence, with minor updates several times a year and major versions released as needed for significant breaking changes or new API versions.

Warnings

breaking The credential system has been completely revamped in version 7.0.0 and subsequent versions. Older `azure.common.credentials` or `msrestazure.azure_active_directory` instances are no longer supported. The `credentials` parameter for the client constructor has been renamed to `credential`.
Fix: Migrate authentication to use classes from `azure-identity` (e.g., `DefaultAzureCredential`). The client constructor now takes a `credential` parameter.
breaking Operations that previously returned `msrest.polling.LROPoller` now return `azure.core.polling.LROPoller` and are prefixed with `begin_` (e.g., `operation.create()` becomes `operation.begin_create()`). The `CloudError` exception has been removed, and most exceptions are now `azure.core.exceptions.HttpResponseError`.
Fix: Update long-running operation calls to use the `begin_` prefix and handle `azure.core.polling.LROPoller`. Catch `azure.core.exceptions.HttpResponseError` for API-related exceptions.
gotcha The Azure SDK for Python leverages `DefaultAzureCredential` for authentication, which relies on environment variables (e.g., `AZURE_CLIENT_ID`, `AZURE_TENANT_ID`, `AZURE_CLIENT_SECRET`, `AZURE_SUBSCRIPTION_ID`) or other configured contexts (Managed Identity, Azure CLI login, VS Code login). Incorrect or missing environment variable configuration is a common pitfall.
Fix: Ensure `AZURE_SUBSCRIPTION_ID` and other necessary authentication environment variables are correctly set for non-managed identity scenarios. For local development, ensure you are logged in via `az login`.
gotcha Azure management libraries support multiple API versions. While the package defaults to the latest API version available on public Azure, for production environments, it's recommended to explicitly pin to a specific `api-version` to ensure consistency and prevent unexpected breaking changes from new service updates.
Fix: When initializing the client, consider passing the `api_version` keyword argument with a specific version string, e.g., `SecurityCenter(credential, subscription_id, api_version='2022-05-01')`.

Install

pip install azure-mgmt-security azure-identity Install stable version with authentication library

Imports

SecurityCenter

from azure.mgmt.security import SecurityCenter

DefaultAzureCredential
```
from azure.identity import DefaultAzureCredential
```
The credential system was revamped in v1.0.0b1 (leading to v7.0.0 stable). Older credential types like AADTokenCredentials are no longer supported; use `azure-identity` classes instead.

Quickstart

This quickstart demonstrates how to authenticate with Azure using `DefaultAzureCredential` and create an instance of the `SecurityCenter` client. It then lists the security policies and the first few alerts associated with the specified Azure subscription. Ensure your `AZURE_SUBSCRIPTION_ID` environment variable is set and you are authenticated to Azure (e.g., via `az login` for local development).

import os
from azure.identity import DefaultAzureCredential
from azure.mgmt.security import SecurityCenter

# Set your Azure Subscription ID as an environment variable, e.g., AZURE_SUBSCRIPTION_ID
subscription_id = os.environ.get("AZURE_SUBSCRIPTION_ID", "YOUR_SUBSCRIPTION_ID")

if subscription_id == "YOUR_SUBSCRIPTION_ID":
    print("Please set the AZURE_SUBSCRIPTION_ID environment variable.")
    exit(1)

try:
    # Authenticate using DefaultAzureCredential
    # This credential chain will attempt to authenticate in various environments
    # (e.g., environment variables, managed identity, Azure CLI, Visual Studio Code)
    credential = DefaultAzureCredential()

    # Create a SecurityCenterManagementClient
    security_client = SecurityCenter(credential=credential, subscription_id=subscription_id)

    # Example: List security policies for a subscription
    print(f"Listing security policies for subscription: {subscription_id}")
    policies = security_client.security_policies.list()

    for policy in policies:
        print(f"  Policy Name: {policy.name}, Type: {policy.policy_type}")

    print("\nListing alerts (first few, if any):")
    alerts_iterator = security_client.alerts.list()
    first_five_alerts = []
    for i, alert in enumerate(alerts_iterator):
        if i >= 5:
            break
        first_five_alerts.append(alert)
        print(f"  Alert: {alert.name}, State: {alert.status}, Severity: {alert.severity}")
    if not first_five_alerts:
        print("  No alerts found.")

except Exception as e:
    print(f"An error occurred: {e}")
    print("Ensure you have set AZURE_SUBSCRIPTION_ID and configured authentication (e.g., via Azure CLI 'az login').")

view raw JSON →